Odyssey
secureforms.prg
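<?php

/*
 * File: secureforms.prg
 *
 * Purpose: Used by hcuForms.prg and Custom Content / SecureForms
 *          to find the cu's public directory and target form.
 *          Replaces secureforms in Mammoth.
 *
 * Security notes:
 *  - The served path is $protectdir plus PATH_INFO, and PATH_INFO comes
 *    from the request. Every check on $filename below is therefore a
 *    trust boundary; nothing may touch the file before those checks pass.
 *  - PHP_SELF also carries PATH_INFO, so it is HTML-escaped before it is
 *    echoed into the 404 page.
 */

// ** INCLUDE MAIN GLOBAL SCRIPT -- Handles security / global variable values
require_once(dirname(__FILE__) . '/../library/hcuService.i');

/*
 * ** CHECK USER FEATURE PERMISSIONS **
 * NOTE: DOES NOT RETURN ON FAILURE
 */
PermCheckFeatureScreen($dbh, $HB_ENV, $MC, FEATURE_BASIC);

// ** INSERT BUSINESS LOGIC FOR THIS FORM
$Cu = $HB_ENV["Cu"];

// NOTE(review): $Cu is assumed to be a validated identifier set by
// hcuService.i; it is used unescaped as a path component -- confirm.
$protectdir = "/home/$Cu/public_html";

$dms_ok = array('Flang' => 'string','speak' => 'string');

dms_import($dms_ok);

$filename = $protectdir . HCU_array_key_value("PATH_INFO", $_SERVER);

// Characters that are never expected in a form path.
$notallowed = ';$*\\,`&|:?<>"';

// Validate BEFORE touching the file. Rejecting "/." refuses both parent
// directory segments ("/..") and dot-files. is_file() keeps directories out
// of readfile().
// NOTE(review): these are lexical checks and do not resolve symlinks. If the
// contents of public_html are not fully trusted, also compare
// realpath($filename) against realpath($protectdir).
$servable = strpos($filename, '/.') === false
    && strpbrk($filename, $notallowed) === false
    && is_file($filename)
    && is_readable($filename);

if ($servable) {

    // Sniff the type only once the path is known to be acceptable.
    $filemime = mime_content_type($filename);

    switch ($filemime) {
        case "application/pdf":
            header('Content-Type: application/pdf');
            // Use "." to concatenate: "+" is arithmetic in PHP and never
            // produced the intended header. Send only the base name so the
            // server-side directory layout is not disclosed to the client.
            // '"' and '\' are in $notallowed, so the quoted value cannot be
            // terminated early.
            header('Content-Disposition: attachment; filename="' . basename($filename) . '"');
            readfile($filename);
            break;

        default:
            // NOTE(review): every other type is streamed with PHP's default
            // Content-Type. Consider an allow-list of the form types that
            // are expected here.
            readfile($filename);
    }

} else {
    // http_response_code() sets the status line on every SAPI; a literal
    // "Status:" header is only interpreted by CGI/FastCGI.
    http_response_code(404);

    // Escape the request-derived value for HTML context before echoing it.
    $self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // SERVER_SIGNATURE is supplied by the web server and may legitimately
    // contain markup, so it is emitted as-is; it may be absent on some servers.
    $signature = isset($_SERVER['SERVER_SIGNATURE']) ? $_SERVER['SERVER_SIGNATURE'] : '';

    print "<HTML><HEAD><TITLE>404 " . $MC->msg('Not Found') . "</TITLE>
</HEAD><BODY>
<H1>" . $MC->msg('Not Found') . "</H1>" .
$MC->msg('The requested URL') . " " . $self . " " .
$MC->msg('was not found on this server') . ". <P>
<HR>
<ADDRESS>" . $signature . "</ADDRESS>
</BODY></HTML>";
}
?>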